CiteSeerX — Search Results — Controller DAC: Securing SDN controller with dynamic access control

Results 1 - 10 of 1,097

Role-Based Access Control

by David Ferraiolo, Richard Kuhn - In 15th NIST-NCSC National Computer Security Conference , 1992

"... While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of a ..."

Abstract - Cited by 477 (6 self) - Add to MetaCart

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method

Access Control for SDN Controllers

by Felix Klaedtke, Ghassan O. Karame, Roberto Bifulco, Heng Cui

"... Based on the OpenFlow model, we propose an access control scheme for SDN controllers. Our scheme accounts for the different network resources, multiple security requirements, conflicts originating from the reconfiguration of network com-ponents, and the delegation of access permissions. ..."

Abstract - Cited by 1 (0 self) - Add to MetaCart

Based on the OpenFlow model, we propose an access control scheme for SDN controllers. Our scheme accounts for the different network resources, multiple security requirements, conflicts originating from the reconfiguration of network com-ponents, and the delegation of access permissions.

Controller-agnostic SDN Debugging

by Ramakrishnan Durairajan, Joel Sommers, Paul Barford

"... Complexity in software-defined network (SDN) applications calls for methods and tools that can facilitate comprehen-sive debugging and analysis. A key challenge in this regard is that SDN configurations interact with network devices that can behave in unexpected ways, depending on factors such as tr ..."

Abstract - Cited by 1 (0 self) - Add to MetaCart

is accessed through a text interface and is designed to interoperate with any standard SDN controller platform. We demonstrate the capabilities of OFf through three test scenarios that illustrate its utility and modest performance impact on running applications. Specifically, we show how OFf can be used

Automated Whitebox Fuzz Testing

by Patrice Godefroid, Michael Y. Levin, David Molnar

"... Fuzz testing is an effective technique for finding security vulnerabilities in software. Traditionally, fuzz testing tools apply random mutations to well-formed inputs of a program and test the resulting values. We present an alternative whitebox fuzz testing approach inspired by recent advances in ..."

Abstract - Cited by 311 (25 self) - Add to MetaCart

Fuzz testing is an effective technique for finding security vulnerabilities in software. Traditionally, fuzz testing tools apply random mutations to well-formed inputs of a program and test the resulting values. We present an alternative whitebox fuzz testing approach inspired by recent advances

SDN-Driven Authentication and Access Control System

by Vainius Dangovas, Feliksas Kuliesius

"... Attempts to secure the enterprise network even when using strong AAA (authentication, authorization and accounting) schemes meet the user box spoofing and security middle boxes (firewalls and other filtering tools) bypassing problems. To strengthen the network security level, the names (users, addre ..."

Abstract - Add to MetaCart

, addresses) and user machines must be bound tightly to the unambiguously defined network appliances and its ports. Using traditional network architecture these solutions are difficult to realize. The SDN framework allows to solve these problems more sharply and securely. The AAA design based on the Software

Stack-based Access Control and Secure Information Flow

by Anindya Banerjee, David A. Naumann , 2003

"... Access control mechanisms are often used with the intent of enforcing confidentiality and integrity policies, but few rigorous connections have been made between information flow and runtime access control. The Java virtual machine and the .NET runtime system provide a dynamic access control mechani ..."

Abstract - Cited by 98 (18 self) - Add to MetaCart

level and dynamic access control prevents release of high information to low callers. Programs fitting this pattern would be rejected by previous flow analyses. We give a static analysis that admits them, using permission-dependent security types. The analysis is given for a class-based object

Optimistic Security: A New Access Control Paradigm

by Dean Povey - In Proceedings of 1999 New Security Paradigms Workshop , 1999

"... Despite the best efforts of security researchers, sometimes the static nature of authorisation can cause unexpected risks for users working in a dynamically changing environment. Disasters, medical emergencies or time-critical events can all lead to situations where the ability to relax normal acces ..."

Abstract - Cited by 83 (1 self) - Add to MetaCart

Despite the best efforts of security researchers, sometimes the static nature of authorisation can cause unexpected risks for users working in a dynamically changing environment. Disasters, medical emergencies or time-critical events can all lead to situations where the ability to relax normal

SECURITY ANALYSIS IN ROLE-BASED ACCESS CONTROL

by Ninghui Li, Mahesh V. Tripunitara , 2005

"... The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability, it ..."

Abstract - Cited by 70 (11 self) - Add to MetaCart

, it may reduce the control that an organization has over its resources, thereby diminishing a major advantage RBAC has over Discretionary Access Control (DAC). We propose to use security analysis techniques to maintain desirable security properties while delegating administrative privileges. We give a

Analysis of DAC MAC RBAC Access Control based Models for Security

by Bokefode Jayant D, Ubale Swapnaja A, Modani Dattatray G, Apte Sulabha S

"... Access Control is the process or mechanism for giving the authority to access the specific resources, applications and system. Access control defines a set of conditions or criteria to access the system and its resources. There are three main accesses Control model first is Mandatory access control ..."

Abstract - Add to MetaCart

therefore it is the most restrictive access control method. It is useful in a highly secured environment. For example military, research centers. In Discretionary access control model, the end users have complete authority to assign any rights to objects. But

Access control for Active Spaces

by Geetanjali Sampemane, Prasad Naldurg - In Proceedings of the Annual Computer Security Applications Conference (ACSAC), pages 343–352, Las Vegas, NV , 2002

"... Active Spaces are physical spaces augmented with heterogeneous computing and communication devices along with supporting software infrastructure. This integration facilitates collaboration between users, and promotes greater levels of interaction between users and devices. An Active Space can be con ..."

Abstract - Cited by 55 (4 self) - Add to MetaCart

of users, and the dependence between physical and virtual aspects of security in Active Spaces. Our model provides support for both discretionary and mandatory access control policies, and uses role-based access control techniques for easy administration of users and permissions. We dynamically assign

Results 1 - 10 of 1,097

Tools